Bad business: ALL major companies are hosting malware – Cisco

Every single one of 30 major companies tested by Cisco over the course of 2013 had malicious traffic on their networks, according to an annual report released by the company. Spyware and other malware was also growing rapidly on mobile devices.

Cisco analyzed network traffic at the 30 firms, and found that 100% of the companies were communicating with known malicious sites – and 96% of the firms communicated with servers that had been hijacked by cybercriminals, according to SC Magazine’s report.

“In spite of their best efforts to keep their networks free of malicious threats, all of the organizations Cisco examined during 2013 showed evidence of suspicious traffic,” the report’s writers concluded.

“There should be an assumption by all users, perhaps, that nothing in the cyber world can or should be trusted.”

“In addition, mobile malware is growing rapidly, which further increases risk. Most IT security teams don’t have the capability to identify potential threats from these devices.”

Mobile malware represented a small, but rapidly growing part of the threats Cisco analyzed – with 1.3% of Web malware on mobile devices, 99% of which was on the Android platform.

In addition, many of the networks analyzed appeared to be communicating with government or military sites, despite having no business reason to do so. This could be evidence that cybercriminals were using the networks as a platform to attack further targets.

“Traffic to these sites may not be a definitive sign of a compromise, but for organizations that do not habitually do business with the government or the military, such traffic could indicate that networks are being compromised so that criminals can use them to breach government or military websites and networks,” the report said.

The Register reports that Cisco’s analysts noted that many of the networks were calling malicious hosts for long periods – an indicator that penetrations of their networks were going unnoticed.

Cisco’s analysis was based on 200,000 IP addresses, 400,000 malware samples, 33 million files from endpoints and 28 million network connections.